[HN Gopher] Juniper support portal exposed customer device info
       ___________________________________________________________________
        
       Juniper support portal exposed customer device info
        
       Author : todsacerdoti
       Score  : 49 points
       Date   : 2024-02-09 15:40 UTC (7 hours ago)
        
 (HTM) web link (krebsonsecurity.com)
 (TXT) w3m dump (krebsonsecurity.com)
        
       | guardiangod wrote:
       | I really don't need to hear this on a Friday....
        
         | chaseideas wrote:
         | yeah, seriously
        
       | chaseideas wrote:
       | Wow.... nice one...
        
       | tguvot wrote:
       | i am not going to point fingers, but there is one vendor that had
       | or maybe still has issue, that allowed you to get to management
       | interface of entire organization as administrator if you knew
       | serial number of one of the devices deployed.
       | 
       | i by accident got into admin account of rather large organization
       | with hundreds of devices active
       | 
       | this vendor didn't have proper way that allowed to disclose this
       | issue in a anonymous fashion.
        
       | iJohnDoe wrote:
       | It pains me because some of the largest companies in the world
       | use Juniper and Palo Alto, etc. Even Cloudflare uses Juniper.
        
       ___________________________________________________________________
       (page generated 2024-02-09 23:00 UTC)